diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 8e42f7a..a9a972b 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -2813,11 +2813,8 @@ ], "synonyms": [ "CARBON SPIDER", - "Carbon Spider", "GOLD NIAGARA", - "Calcium", - "Carbanak", - "FIN 7" + "Calcium" ] }, "related": [ @@ -2930,9 +2927,7 @@ "https://attack.mitre.org/groups/G0085/" ], "synonyms": [ - "FIN4", - "FIN 4", - "Wolf Spider" + "FIN4" ] }, "uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57", @@ -3612,9 +3607,6 @@ "country": "CN", "refs": [ "https://www.proofpoint.com/uk/threat-insight/post/august-in-december-new-information-stealer-hits-the-scene" - ], - "synonyms": [ - "TA 530" ] }, "uuid": "4b79d1f6-8333-44b6-ac32-d1ea7e47e77f", @@ -3677,12 +3669,10 @@ ], "synonyms": [ "SKELETON SPIDER", - "Sketelon Spider", "ITG08", "MageCart Group 6", "White Giant", - "GOLD FRANKLIN", - "FIN 6" + "GOLD FRANKLIN" ] }, "related": [ @@ -4605,9 +4595,6 @@ "https://afyonluoglu.org/PublicWebFiles/Reports-TR/2017%20FireEye%20M-Trends%20Report.pdf", "https://www.fireeye.com/blog/threat-research/2017/06/obfuscation-in-the-wild.html", "https://attack.mitre.org/groups/G0061" - ], - "synonyms": [ - "FIN 8" ] }, "related": [ @@ -4703,9 +4690,6 @@ "refs": [ "https://www.proofpoint.com/us/threat-insight/post/apt-targets-financial-analysts", "https://attack.mitre.org/groups/G0062/" - ], - "synonyms": [ - "TA 459" ] }, "related": [ @@ -6708,9 +6692,6 @@ "country": "RU", "refs": [ "https://www.crowdstrike.com/blog/big-game-hunting-the-evolution-of-indrik-spider-from-dridex-wire-fraud-to-bitpaymer-targeted-ransomware/" - ], - "synonyms": [ - "Indrik Spider" ] }, "uuid": "658314bc-3bb8-48d2-913a-c528607b75c8", @@ -6849,8 +6830,6 @@ "GRACEFUL SPIDER", "GOLD TAHOE", "Dudear", - "TA 505", - "Graceful Spider", "TEMP.Warlock" ] }, @@ -6892,9 +6871,7 @@ "synonyms": [ "TEMP.MixMaster", "GOLD BLACKBURN", - "Wizard Spider", - "FIN12", - "FIN 12" + "FIN12" ] }, "uuid": "bdf4fe4f-af8a-495f-a719-cf175cecda1f", @@ -6912,9 +6889,7 @@ ], "synonyms": [ "TA542", - "GOLD CRESTWOOD", - "Mummy Spider", - "TA 542" + "GOLD CRESTWOOD" ] }, "uuid": "c93281be-f6cd-4cd0-a5a3-defde9d77d8b", @@ -6957,7 +6932,6 @@ ], "synonyms": [ "Silence", - "Silence APT group", "WHISPER SPIDER" ] }, @@ -6980,7 +6954,6 @@ "https://www.secureworks.com/research/threat-profiles/cobalt-hickman" ], "synonyms": [ - "APT 39", "Chafer", "REMIX KITTEN", "COBALT HICKMAN" @@ -7247,7 +7220,6 @@ "COBALT DICKENS", "Mabna Institute", "TA407", - "TA 407" ] }, "uuid": "5059b44d-2753-4977-b987-4922f09afe6b", @@ -7281,7 +7253,6 @@ "https://twitter.com/bkMSFT/status/1417823714922610689" ], "synonyms": [ - "APT 31", "ZIRCONIUM", "JUDGMENT PANDA", "BRONZE VINEWOOD" @@ -7346,9 +7317,6 @@ "refs": [ "https://www.darkreading.com/analytics/prolific-cybercrime-gang-favors-legit-login-credentials/d/d-id/1322645?", "https://attack.mitre.org/groups/G0053/" - ], - "synonyms": [ - "FIN 5" ] }, "uuid": "44dc2f9c-8c28-11e9-9b9a-7fdced8cbf70", @@ -7360,9 +7328,6 @@ "country": "RU", "refs": [ "https://www.fireeye.com/blog/threat-research/2015/12/fin1-targets-boot-record.html" - ], - "synonyms": [ - "FIN 1" ] }, "uuid": "13289552-596e-4592-9c81-eeb4db6baf3c", @@ -7374,9 +7339,6 @@ "refs": [ "https://www2.fireeye.com/rs/848-DID-242/images/rpt-fin10.pdf", "https://attack.mitre.org/groups/G0051/" - ], - "synonyms": [ - "FIN 10" ] }, "uuid": "f2d02410-8c2c-11e9-8df1-a31c1fb33d79", @@ -7656,8 +7618,7 @@ ], "synonyms": [ "Temp.Hex", - "Vicious Panda", - "TA 428" + "Vicious Panda" ] }, "uuid": "5533d062-18ab-4c70-9472-0eac03f95a1d", @@ -7777,10 +7738,6 @@ "https://www.proofpoint.com/us/threat-insight/post/lookback-forges-ahead-continued-targeting-united-states-utilities-sector-reveals", "https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks", "https://www.proofpoint.com/us/blog/threat-insight/ta410-group-behind-lookback-attacks-against-us-utilities-sector-returns-new" - ], - "synonyms": [ - "LookBack", - "TA 410" ] }, "uuid": "5cd95926-0098-435e-892d-9c9f61763ad7", @@ -7826,10 +7783,6 @@ "meta": { "refs": [ "https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/calypso-apt-2019-rus.pdf" - ], - "synonyms": [ - "Calypso", - "Calypso APT" ] }, "uuid": "200d04c8-a11f-45c4-86fd-35bb5de3f7a3", @@ -7849,9 +7802,7 @@ "synonyms": [ "Maze Team", "TWISTED SPIDER", - "GOLD VILLAGE", - "TA 2101", - "Maze" + "GOLD VILLAGE" ] }, "uuid": "39925aa0-c7bf-4b9b-97d6-7d600329453d", @@ -8090,9 +8041,7 @@ ], "synonyms": [ "GOLD ESSEX", - "TA544", - "TA 544", - "Narwhal Spider" + "TA544" ] }, "uuid": "fda9cdea-0017-495e-879d-0f348db2aa07", @@ -8285,9 +8234,6 @@ "country": "CN", "refs": [ "https://www.proofpoint.com/us/blog/threat-insight/chinese-apt-ta413-resumes-targeting-tibet-following-covid-19-themed-economic" - ], - "synonyms": [ - "TA 413" ] }, "uuid": "cbf94f8d-20f2-45a0-b78b-54715b6b4e18", @@ -8382,9 +8328,8 @@ ], "synonyms": [ "TEMP.Warlock", - "FIN 11", "UNC902", - "Graceful Spider" + "GRACEFUL SPIDER" ] }, "uuid": "c01aadc6-1087-4e8e-8d5c-a27eba409fe3", @@ -8539,7 +8484,6 @@ ], "synonyms": [ "UNC1151", - "TA 445", "TA445" ] }, @@ -8757,9 +8701,7 @@ ], "synonyms": [ "Shakthak", - "TA551", - "TA 551", - "Lunar Spider" + "TA551" ] }, "uuid": "36e8c848-4d20-47ea-9fc2-31aa17bf82d1", @@ -8976,9 +8918,6 @@ "country": "RU", "refs": [ "https://www.mandiant.com/resources/fin13-cybercriminal-mexico" - ], - "synonyms": [ - "FIN 13" ] }, "uuid": "60fa684d-c738-4b77-98fb-3f6605e2bb82", @@ -9042,9 +8981,6 @@ "meta": { "refs": [ "https://www.thaicert.or.th/downloads/files/Threat_Group_Cards_v2.0.pdf" - ], - "synonyms": [ - "TA 516" ] }, "uuid": "0466bbf1-a187-4b3d-b558-a31e5ca11ea7", @@ -9055,10 +8991,6 @@ "meta": { "refs": [ "https://www.thaicert.or.th/downloads/files/Threat_Group_Cards_v2.0.pdf" - ], - "synonyms": [ - "Scully Spider", - "TA 547" ] }, "uuid": "29fbc8d4-1e6e-4edc-9887-bdf47f36e4c1", @@ -9092,9 +9024,6 @@ "meta": { "refs": [ "https://www.proofpoint.com/us/blog/threat-insight/q4-2020-threat-report-quarterly-analysis-cybersecurity-trends-tactics-and-themes" - ], - "synonyms": [ - "TA 800" ] }, "uuid": "75fac2e9-8f2c-4620-a1cc-4b8a61c1bb48",